Security Update news release

Jeff Weinstein jsw at neon.netscape.com
Wed Sep 27 15:28:27 PDT 1995


In article <199509261941.MAA02266 at ix6.ix.netcom.com>, stewarts at ix.netcom.com (Bill Stewart) writes:
> >>Do the new versions use PGP's randseed.bin? If Netscape even only looks at
> >>data used to keep PGP secure,  Netscape will be banned from my computer
> >>and every computer I am responsible for. -- For good.
> >
> >This is the second person who has expressed this sentiment. I don't
> >understand it. If you believe that the possibility of randseed.bin
> >getting out is dangerous, then why do you leave it online? Do you
> >really trust every piece of software you run, every piece of software
> >that can possibly access your machine over the net, to not look at
> >that file?
> 
> It makes a little bit of sense - I'm not aware of any software,
> other than PGP and now Netscape, that _explicitly_ goes after randseed.bin,
> though of course just about anything can try.  

  Netscape will not read randseed.bin.  I've changed it to use an environment
variable that names a user specified file to read.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw at netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.






More information about the cypherpunks-legacy mailing list